Open source intelligence is the next
big thing, it will change the processes and systems of current
intelligence structure. By looking at broader perspective, we can
easily find the application of OSINT from business intelligence to
security agencies, in short marketing firms, media houses, hackers,
security and military agencies blah blah blah can get benefits out of
from OSINT. But how, when and where to use OSINT ? This is actually a
topic to discuss because if you have a weapon but you don’t know how,
when and where to use, then believe me this weapon is useless.
intelligence is hidden on the tools and techniques, so in this
article we will cover some great tools that are available in the
market; and you can utilize them to make your hacking practice
efficient (if you know what I mean). Some of the tools listed below
are available on Kali Linux (the successor of backtrack) but if you
are using any other distribution or even Windows OS then you can
download and use them.
H2 { margin-bottom: 0.08in; }H2.cjk { font-family: “Droid Sans”; }H2.ctl { font-family: “FreeSans”; }P { margin-bottom: 0.08in; }A:link { }
Table of Contents
Maltego
information (believe me, it can gather). Maltego is a unique platform
developed to deliver a clear threat picture to the environment that
an organization owns and operates. Maltego’s unique advantage is to
demonstrate the complexity and severity of single points of failure
as well as trust relationships that exist currently within the scope
of your infrastructure.
- Maltego- Information Gathering ToolTutorial
- Maltego Information Gathering Backtrack5
- Maltego Tutorial – Mesh Analysis
H2 { margin-bottom: 0.08in; }H2.cjk { font-family: “Droid Sans”; }H2.ctl { font-family: “FreeSans”; }P { margin-bottom: 0.08in; }A:link { }
SHODAN
find specific computers (routers, servers, etc.) using a variety of
filters. Some have also described it as a public port scan directory
or a search engine of banners.
H3 { margin-bottom: 0.08in; }H3.western { font-family: “Liberation Sans”,sans-serif; }H3.cjk { font-family: “Droid Sans”; }H3.ctl { font-family: “FreeSans”; }P { margin-bottom: 0.08in; }A:link { }
H2 { margin-bottom: 0.08in; }H2.cjk { font-family: “Droid Sans”; }H2.ctl { font-family: “FreeSans”; }P { margin-bottom: 0.08in; }A:link { }
theHarvester
theHarvester is intended to help Penetration testers in the early
stages of the penetration test in order to understand the customer
footprint on the Internet. It is also useful for anyone that wants to
know what an attacker can see about their organization.
The objective of this program is to gather emails, subdomains,
hosts, employee names, open ports and banners from different public
sources like search engines, PGP key servers and SHODAN computer
database.
Now we want to know about your favorite tool, it might be possible that you would not find your tool in the list aforementioned list; but it is not a big deal because it is not a final list. You can share the best tools other than mentioned one. I personally like and enjoy thehavester and maltego, what do you like most ?